*Brute Force: Is an exhaustive attack that works by testing every possible value of a value (password, file name, etc.) [[:Brute_force_attack|Brute_force_attack]]

+

*Brute Force: Is an exhaustive attack that works by testing every possible value of a parameter (password, file name, etc.) [[:Brute_force_attack|Brute_force_attack]]

*Cache Poisoning: Is an attack that seeks to introduce false or malicious data into a web cache, normally via HTTP Response Splitting. [[:Cache_Poisoning|Cache_Poisoning]]

*Cache Poisoning: Is an attack that seeks to introduce false or malicious data into a web cache, normally via HTTP Response Splitting. [[:Cache_Poisoning|Cache_Poisoning]]

*DNS Poisoning: Is an attack that seeks to introduce false DNS address information into the cache of a DNS server, where it will be served to other users enabling a variety of attacks. (e.g., Phishing)

*DNS Poisoning: Is an attack that seeks to introduce false DNS address information into the cache of a DNS server, where it will be served to other users enabling a variety of attacks. (e.g., Phishing)

Latest revision as of 06:48, 10 August 2012

This category is for tagging common types of application security attacks.

What is an attack?

Attacks are the techniques that attackers use to exploit the vulnerabilities in applications. Attacks are often confused with vulnerabilities, so please try to be sure that the attack you are describing is something that an attacker would do, rather than a weakness in an application.